Tag Archives: cyberattacks

Attacks That Change the Course of History

Data theft is steadily refashioning itself as a political weapon. This past December, Barack Obama took advantage of his final days in office to take retaliatory measures against Russia. The Obama administration attributes to its Muscovite counterpart the cyberattacks carried out over the course of the recent presidential elections whose goal it was to tip the scales in Donald Trump’s favor for the presidential bid.

In an official statement, Obama announced the measures that include the expulsion of 35 Russian operatives and the introduction of new sanctions against certain people and organizations, including the two primary governmental espionage agencies.

The still-president Obama made this decision despite the Kremlin’s denial of its participation in the cyberattacks against the Democratic National Committee and other organizations in the Democratic Party. These cyberattacks came in the form of a massive email leak (containing many messages that damaged Hillary Clinton’s image), divulged by WikiLeaks to the media and considered to be a crucial element in the results of the election.

Shortly after the White House announcement, the FBI and the NSA published a report accusing Russia of the leak, which affected not only the Democratic Party but also John Podesta, chairman of the Clinton campaign. The document includes technical details of the tools and infrastructure presumably used by Russian intelligence services to “to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities”. These latter victims remain unnamed.

According to the report, that initiative was part of a broader plan that included attacks against other political organisms, corporate infrastructures, data processing centers, universities, and big businesses.

What Targeted Attacks Came Into Play?

The analysis alludes to two kinds of “spear phishing” attacks, a term which refers to fraudulent emails sent from addresses that belong to or seem to belong to one of the victim’s contacts. The first of them came about in the summer 2015. It was directed toward at least one person from a “U.S. political party”, who received an email with attachments that activated a malware download. This was then able to spread itself throughout the system and “exfiltrate emails from several accounts”.

In September of this year, the FBI warned the DNC for the first time that their systems were under attack by a group known as “the Dukes”, with ties to the Russian government.

The second attack took place in the spring of 2016. This time, the report tells us, the attacks consisted of mass emails requesting a change of password from users, a strategy used to access partymembers’ email accounts. While the investigations are underway, Trump continues to deny that the Russian government had anything to do with the intervention made on his behalf.

There is no doubt that with these and other recent developments in the field of cyberattacks, protecting ourselves and our future is key. Over the coming months we will begin to see more and more news on this prickly subject, a clear example of the influence that hacktivism and cybercrime can have in the geopolitical sphere.

Targeted attacks are commonplace. The only way to face them down is with an advanced cybersecurity solution like Adaptive Defense, keeping your company safe from the sorts of silent breaches that can happen without anyone noticing. Until it’s too late.

The post Attacks That Change the Course of History appeared first on Panda Security Mediacenter.

Can a Hacker Guess Your Password in Only 100 Attempts?

Making sure that our employees use complex and diverse passwords, both in and out of the workplace, is of vital importance. Not least because multitudes of confidential data could be at risk because of flimsy credentials, ones that are obvious and oft-repeated.

To demonstrate the necessity of adequate protection that also allows for the handling of many distinct passwords, a group of researchers has created a software that is capable of guessing passwords with only a small number of attempts. Specifically, with a little bit of the victim’s personal information, the tool would be able to hit upon the correct password testing fewer than a hundred possibilities.

It’s called TarGuess and was created by researchers at the Universities of Beijing and Fujian in China, and the University of Lancaster in the UK. According to their study, an attacker with sufficient personal information (username, a pet, family members, date of birth, or the destination of their most recent vacations) has a one in five chance of guessing their password in fewer than a hundred attempts.

All they’ve done with TarGuess is to automate the process with a tool that scours social networks for personal information that could later be used in its attempts.

Using this tool, the researches successfully guessed 20% of passwords of those participating in the study with only one hundred attempts. More strikingly, the success rate increases proportionally with the number of guesses. So with a thousand attempts TarGuess is able to get 25% of passwords, and with a million the success rate can climb up to 50%.

Moving beyond the controversial data breaches of platforms such as Yahoo or Dropbox, the main conclusion that this study draws is that many users’ passwords are not robust enough to withstand this kind of attack. And as if that wasn’t enough, these breaches have brought to light another risk: TarGuess reportedly detected that many of these credentials are used in other services, or at best have many similarities (constituting what they call “sister passwords”).

This investigation demonstrates once again the necessity of controlling what kind of information is published on social networks. An employee that ‘shares’ every moment of their life may be inadvertently helping a cyber attacker to learn their password, putting corporate data at risk.

The post Can a Hacker Guess Your Password in Only 100 Attempts? appeared first on Panda Security Mediacenter.

Hospitals and healthcare providers under cyberattack

Hospitals are vulnerable to cyberattacks

Hospitals are vulnerable to cyberattacks

The recent ransomware attack on the Hollywood Presbyterian Medical Center in Los Angeles has spooked the healthcare community. Hackers installed *ransomware in the hospital computer system and held patient records hostage while demanding payment. The hospital eventually paid $17,000 to have their files unlocked.

Attacks on major insurance and healthcare systems last year including Excellus BlueCross BlueShield and Anthem Inc. resulted in 100 million individual records being stolen.

Electronic medical records are a treasure trove of data and fetch a price 20 times more than that a stolen credit card numbers. The cost for the U.S. healthcare industry is $6 billion dollars annually, with the average data breach costing a hospital $2.1 million.

According to a study by the Ponemon Institute, healthcare organizations average about one cyberattack per month with more than half of all organizations surveyed saying they experienced at least one cyberattack in the last 12 months.

Organizations major concerns are system failures (legacy software and devices are common), unsecured wearable biomedical technology that puts patients at risk, and something that other industries face – BYOD (bring your own device)  – as employees increasingly using their personal devices for work-related activities. One of the real threats is that hackers can compromise healthcare mobile apps and expose confidential medical records.

Stop by to visit the Avast Virtual Mobile Platform booth at HIMMS16

Stop by to visit the Avast Virtual Mobile Platform booth at HIMMS16

This week, cybersecurity in healthcare is a major discussion point at the Healthcare Information and Management Systems Society 2016 Conference in Las Vegas. Avast Virtual Mobile Platform (VMP) will demonstrate how hospitals, insurance companies, and others can use Avast VMP to ensure secure, HIPAA-compliant access to mobile apps such as instant messaging, EHR, document storage and more. Avast will also demonstrate how VMP uses virtualization to instantly secure healthcare mobile apps.

Follow HIMSS16 on Twitter.

*Ransomware commonly enters a computer system when a user is tricked into clicking an infected link in an email or an infected ad on a website. The ransomware then locks all the files in the system and demands money for a key that will unlock the files.